Modes d'introduction
Architecture and Design
Implementation
Plateformes applicables
Langue
Class: Not Language-Specific (Undetermined)
Conséquences courantes
Portée |
Impact |
Probabilité |
Other | Varies by Context | |
Exemples observés
Références |
Description |
| Component for web browser writes an error message to a known location, which can then be referenced by attackers to process HTML/script in a less restrictive context |
Notes de cartographie des vulnérabilités
Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Commentaire : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
NotesNotes
overlaps default configuration.
Références
REF-267
SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
Information Technology Laboratory, National Institute of Standards and Technology.
https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf
Soumission
Nom |
Organisation |
Date |
Date de publication |
Version |
PLOVER |
|
2006-07-19 +00:00 |
2006-07-19 +00:00 |
Draft 3 |
Modifications
Nom |
Organisation |
Date |
Commentaire |
Eric Dalci |
Cigital |
2008-07-01 +00:00 |
updated Time_of_Introduction |
CWE Content Team |
MITRE |
2008-09-08 +00:00 |
updated Relationships, Other_Notes, Relationship_Notes, Relevant_Properties, Taxonomy_Mappings, Weakness_Ordinalities |
CWE Content Team |
MITRE |
2009-03-10 +00:00 |
updated Potential_Mitigations |
CWE Content Team |
MITRE |
2009-12-28 +00:00 |
updated Potential_Mitigations |
CWE Content Team |
MITRE |
2010-02-16 +00:00 |
updated Relationships |
CWE Content Team |
MITRE |
2010-06-21 +00:00 |
updated Potential_Mitigations |
CWE Content Team |
MITRE |
2010-12-13 +00:00 |
updated Relationships |
CWE Content Team |
MITRE |
2011-06-01 +00:00 |
updated Common_Consequences |
CWE Content Team |
MITRE |
2011-06-27 +00:00 |
updated Common_Consequences |
CWE Content Team |
MITRE |
2011-09-13 +00:00 |
updated Potential_Mitigations, References |
CWE Content Team |
MITRE |
2012-05-11 +00:00 |
updated Relationships |
CWE Content Team |
MITRE |
2012-10-30 +00:00 |
updated Potential_Mitigations |
CWE Content Team |
MITRE |
2014-06-23 +00:00 |
updated Other_Notes |
CWE Content Team |
MITRE |
2017-11-08 +00:00 |
updated Applicable_Platforms, References, Relevant_Properties |
CWE Content Team |
MITRE |
2020-02-24 +00:00 |
updated Relationships |
CWE Content Team |
MITRE |
2023-04-27 +00:00 |
updated References, Relationships |
CWE Content Team |
MITRE |
2023-06-29 +00:00 |
updated Mapping_Notes |
CWE Content Team |
MITRE |
2024-02-29 +00:00 |
updated Demonstrative_Examples |